Spaces:
Paused
Paused
File size: 1,947 Bytes
d29a5a0 4ae946d d29a5a0 4ae946d d29a5a0 4ae946d | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 | from typing import Any, Optional
from app.modules.users.service import UserService
from core.plugin_system.facades import BaseFacade
from core.plugin_system.permissions import PluginPermission
class UserPluginFacade(BaseFacade):
"""
Facade for User operations exposed to plugins.
Wrapped around UserService to ensure secure access.
"""
def __init__(
self, service: UserService, plugin_id: str, permissions: list[str] = None
):
super().__init__(service, plugin_id, permissions)
def get_user(self, user_id: str) -> Optional[dict[str, Any]]:
"""
Get safe user details.
Requires: READ_USER
"""
if not self._check_permission(PluginPermission.READ_USER):
return None
try:
user = self._service.get_user(user_id)
if not user:
return None
# Return safe dictionary, preventing modification of ORM object
return {
"id": user.id,
"username": user.username,
# Email might be PII, restrict based on stricter permission if needed
# For now assuming READ_USER allows seeing email
"email": user.email,
"role": user.role,
"is_active": user.is_active,
"department": getattr(user, "department", None),
}
except Exception:
# Service raises HTTPException if not found, we catch and return None
return None
def get_active_users_count(self) -> int:
"""
Get count of active users.
Requires: READ_DATA
"""
if not self._check_permission(PluginPermission.READ_DATA):
return 0
try:
# Ideally service has count method.
# For now return fake 0 or implement service logic
return 0
except Exception:
return 0
|